文章基本信息

标题：Dynamic Management of Security Policies in PrivOrBAC
本地全文：下载
作者：Jihane EL MOKHTARI ; Anas ABOU EL KALAM ; Siham BENHADDOU 等
期刊名称：International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN：2158-107X
电子版ISSN：2156-5570
出版年度：2021
卷号：12
期号：6
页码：693
DOI：10.14569/IJACSA.2021.0120681
出版社：Science and Information Society (SAI)
摘要：This article is a continuation of our previous work on identifying and developing tools and concepts to provide automatic management and derivation of security and privacy policies. In this document we are interested in the extension of the PrivOrBAC model in order to ensure a dynamic management of privacy-aware security policies. Our approach, based on smart contracts (SC) and the WS-Agreement Specification, allows automatic agents representing data providers and access requesters to enter into an access agreement that takes into consideration not only service level clauses but also security rules to protect the privacy of individuals. Our solution can be deployed in such a way that no human intervention is required to reach this type of agreement. This work shows how to use the WS-Agreement Specification to set up a process for negotiating, creating and monitoring Service Level Agreements (SLAs) in accordance with a predefined access control policy. This article concludes with a case study accompanied by a representative implementation of our solution.
关键词：Access control; privacy; PrivOrBAC; PrivUML; smart contract; WS-agreement